Details
-
Improvement
-
Status: Open
-
Minor
-
Resolution: Unresolved
-
3.1.0
-
None
-
None
Description
It would be useful if org.apache.spark.launcher.SparkLauncher allowed for a "sudo as user X" option. This way, multi-tenant applications that run Spark jobs could give end users greater security, by ensuring that the files (including, importantly, keytabs) can remain readable only by the end users instead of the UID that runs this multi-tenant application itself. I believe that sudo -u <theUser> spark-submit <spark-submit-args> should work. The builder maintained by SparkLauncher could simply have a setSudoUser method.